7223users PreventGovChangeControl PDF

Download as pdf or txt
Download as pdf or txt
You are on page 1of 38

Governance, Risk, and Compliance

Controls Governor

Preventive Controls Governor


Change Control Users Guide
Software Version 7.2.2.3
Preventive Controls Governor: Change Control Users Guide
Part No. AG004-7223A
Copyright 2007, 2008, Oracle Corporation and/or its affiliates. All rights reserved.
The Programs (which include both the software and the documentation) contain proprietary
information; they are provided under a license agreement containing restrictions on use and
disclosure and are also protected by copyright, patent, and other intellectual and industrial
property laws. Reverse engineering, disassembly, or decompilation of the Programs, except
to the extent required to obtain interoperability with other independently created software or
as specified by law, is prohibited.
The information contained in this document is subject to change without notice. If you find
any problems in the documentation, please report them to us in writing. This document is
not warranted to be error-free. Except as may be expressly permitted in your license agree-
ment for these Programs, no part of these Programs may be reproduced or transmitted in
any form or by any means, electronic or mechanical, for any purpose.
If the Programs are delivered to the United States Government or anyone licensing or using
the Programs on behalf of the United States Government, the following notice is applicable.
U.S. GOVERNMENT RIGHTS
Programs, software, databases, and related documentation and technical data delivered to
U.S. Government customers are commercial computer software or commercial technical
data pursuant to the applicable Federal Acquisition Regulation and agency-specific supple-
mental regulations. As such, use, duplication, disclosure, modification, and adaptation of the
Programs, including documentation and technical data, shall be subject to the licensing restric-
tions set forth in the applicable Oracle license agreement, and, to the extent applicable, the
additional rights set forth in FAR 52.227-19, Commercial Computer Software Restricted
Rights (June 1987). Oracle Corporation, 500 Oracle Parkway, Redwood City, CA 94065.
The Programs are not intended for use in any nuclear, aviation, mass transit, medical or
other inherently dangerous applications. It shall be the licensees responsibility to take all
appropriate fail-safe, backup, redundancy and other measures to ensure the safe use of such
applications if the Programs are used for such purposes, and we disclaim liability for any
damages caused by such use of the Programs.
The Programs may provide links to Web sites and access to content, products, and services
from third parties. Oracle is not responsible for the availability of, or any content provided
on, third-party Web sites. You bear all risks associated with the use of such content. If you
choose to purchase any products or services from a third party, the relationship is directly
between you and the third party. Oracle is not responsible for: (a) the quality of third-party
products or services; or (b) fulfilling any of the terms of the agreement with the third party,
including delivery of products or services and warranty obligations related to purchased
products or services. Oracle is not responsible for any loss or damage of any sort that you
may incur from dealing with any third party.
Oracle is a registered trademark of Oracle Corporation and/or its affiliates. Other names
may be trademarks of their respective owners.
The license for this program includes a limited use license for the Internal Control Manager
program. Such limited use license means that the Internal Controls program shall only be
used for financial compliance or IT governance related operations.
Contents

Introduction....................................................................................1
Change Control and the GRC Controls Suite .............................................................2
Before You Start...............................................................................................................2
Creating Control Rules Manually ..................................................5
Starting the Change Control Wizard .............................................................................5
Finding Control Rules .....................................................................................................6
Creating Control Rules ....................................................................................................7
Selecting a Block of Controllable Fields ................................................................7
Creating Control Rules for Fields in the Selected Block .....................................8
Using the Translations Tab to Select Record Identifiers.................................. 10
Creating Reason Codes.......................................................................................... 11
Finishing the Control-Rule Generation .............................................................. 12
Defining Subscribers for Control Rules .................................................................... 13
Filter Type Considerations.................................................................................... 14
More Subscriber Fields.......................................................................................... 15
Profiles and Data Subscribers............................................................................... 15

Users Guide: Change Control in Preventive Controls Governor 7.2.2.3 iii


Contents

Uploading or Migrating Control Rules .......................................17


Uploading Rules from a Content Spreadsheet ..........................................................18
Migrating Control Rules................................................................................................19
Applying Changes to Controlled Fields......................................21
Audit ................................................................................................................................21
Reason Code or Approval ............................................................................................21
Change Control with WVR Enabled ...................................................................22
Change Control with WVR Disabled...................................................................23
Completing the Approval Process........................................................................23
Reports..........................................................................................25
Exporting a Report........................................................................................................26
Other Report Features ..................................................................................................26
The Data Source Parameter .........................................................................................26
Approver Performance Report....................................................................................27
Change History Report .................................................................................................27
Control Listing Report..................................................................................................28
Creating Workflow Roles .............................................................31
Using the Event Tracker...............................................................33

iv Users Guide: Change Control in Preventive Controls Governor 7.2.2.3


Chapter 1
Introduction

Within Preventive Controls Governor, a Change Control application applies change


control to Oracle E-Business Suite form fields. It can apply any of three control
types, which subject field-value changes to increasing degrees of review:
Audit: Changes to fields are tracked, and a history of those changes is presented
in reports. This control type allows users to make changes freely.
Reason Code: Field changes are once again tracked, and their history presented
in reports. Moreover, a user who changes the value of a field must enter a reason
code and may send notification of the change to another person or role (if a
recipient of the notification has been specified). Approval is not required for the
change to be made.
Approval: Field changes are once again tracked, and their history presented in
reports. When a user changes the value of a field, she must once again give a
reason for the change, but her action also sends a request for approval to a
specified person or role. The change must be approved or rejected, and the
requesting user must acknowledge an approval. A change is implemented only
when it is approved and acknowledged.
Rules one for each field implement these controls. You can use a form called
the Change Control Wizard to view these rules or to create them manually. As an
alternative to creating individual rules, you can upload already-created rules from a
content spreadsheet, and then use the Wizard to confirm that they have been up-

Users Guide: Change Control in Preventive Controls Governor 7.2.2.3 1


Chapter 1: Introduction

loaded correctly. The spreadsheet includes more than 1,500 change-control objects
that you can tailor to your organizations needs.
Moreover, you can create subscribers for each control rule; in other words, you can
define circumstances under which a control takes effect. For a given field you can,
for example, designate some users who are subject to change control and others who
are not. Or you can impose controls selectively for responsibilities, operating units,
or other entities. If no subscriber is defined for a rule, its control applies universally.

Change Control and the GRC Controls Suite


Oracle Governance, Risk, and Compliance Controls Suite documents and enforces
business controls, enabling users to demonstrate regulatory compliance and to pro-
mote operational efficiency. It provides a control library in which users describe
and catalog controls as well as other items that establish the business context in which
controls exist. It also enables users to review of control-library items, and to generate
reports on their status.
The Governance, Risk, and Compliance Controls Suite includes modules that auto-
mate the enforcement of controls, and Change Control is considered an element of
the module called Preventive Controls Governor. (Other elements of Preventive
Controls Governor include applications called Form Rules, Flow Rules, and Audit
Rules.)
To enforce the controls defined in the Governance, Risk, and Compliance Controls
Suite, users can attach automations to them. Change-control rules are among the
items that can be attached as automations to controls. However, one would attach
them only for documentary purposes. Change-control rules run within Oracle E-
Business Suite regardless of their association with controls.

Before You Start


Before you set up change control, make sure you have done the following:
In Audit Rules, create audit groups and include database tables in them. See the
Audit Rules Users Guide.
In the Change Control Wizard, you will select fields to be subject to control
rules, as well as the form blocks in which those fields reside. Each block corre-
sponds to a database table, and each field in the block corresponds to a column
in the table. For each block containing fields you want to control, you must
include the corresponding table in an audit group. For each field you want to
control, you must enable auditing for the corresponding column.
If you attempt to use the Change Control Wizard to create a control rule without
first having set up auditing, you will encounter error messages and will be unable
to finish configuring the rule. If you attempt to load rules from a content spread-
sheet, all rules will fail to load if auditing is set up incorrectly for even a single
field affected by one of the rules.

2 Users Guide: Change Control in Preventive Controls Governor 7.2.2.3


Chapter 1: Introduction

In Flow Rules, define workflow roles to be used for notifications and approvals of
field-value changes. See Appendix A.
In Form Rules, use the Event Tracker to capture information about forms,
blocks, and fields you want to control. This enables the Change Control Wizard
to present the information for selection as you configure control rules. See
Appendix B.

Users Guide: Change Control in Preventive Controls Governor 7.2.2.3 3


Chapter 1: Introduction

4 Users Guide: Change Control in Preventive Controls Governor 7.2.2.3


Chapter 2
Creating Control Rules Manually

The Change Control Wizard enables you to create new control rules. As an alterna-
tive, you can upload already-created rules from a content spreadsheet (see Chapter
3). In the Wizard, you can also view existing rules, either to modify them or to con-
firm that content-spreadsheet rules have been uploaded correctly.

Starting the Change Control Wizard


To start the Change Control Wizard:
1 Log on to Oracle E-Business Suite.
2 Select GRC Controls in your list of responsibilities. (Ensure first that this
responsibility is available to you.)
3 A selection of applications appears. Under the Change Control heading, click on
Audit and Approval Rules.
Both the Change Control Wizard and a Change Control Find form appear on screen,
with the Find form initially active.
If you close the Wizard, you can restart it: In the GRC Controls Navigator, expand
the Change Control option (click on its plus sign). Under the expanded Change
Control option, click on the Audit and Approval Rules option, and then the Open
button. (Or double-click on the Audit and Approval Rules option.)

Users Guide: Change Control in Preventive Controls Governor 7.2.2.3 5


Chapter 2: Creating Control Rules Manually

Finding Control Rules


When you start the Change Control Wizard, a Find form is initially active:

If you intend to create new control rules, you can simply click on its New button. In
this case, the Wizard becomes the active form but displays no rule data.
However, you can also use the Find form to load existing control rules into the Change
Control Wizard: To search for all rules, simply click on the Find button. Or, to search
for a selection of rules, supply values in any combination of the filtering fields:
Application Name: From the list, select an Oracle EBS application containing
fields for which you want to view control rules. Or, leave the box blank to select
all applications.
User Form Name: This box presents a list of the form names that are visible to
the user of an Oracle EBS application. Choose one containing fields for which
you want to view control rules. Or, leave the list box blank to select all forms.
Form Name: This box presents a list of the form names that are used internally by
the system. If youve made a selection in the User Form Name box, the correspond-
ing internal form name automatically fills this box. If you make a selection in this
box, it overrides the value in the User Form Name box the Change Control
Wizard will display rules governing fields from the form identified by the internal
form name. You can leave this box blank to select all forms.
Block Name: From the list, select a form block containing fields for which you
want to view control rules. Or, leave the box empty to select all blocks in a form
(if you selected one in the Form Name or User Form Name box), or all blocks in
all forms (if you made no form-name selection), or all blocks in all applications
(if you made no application selection).
After entering values, click the Find button. Or, to discard the filtering selection you
have made and start over, click on the Clear button.
After being used, the Find form remains open in the background. To bring it to the
foreground and use it again, click on it (drag any other forms, such as the Wizard,
out of the way). If you close it, you can reopen it: Click on View in the menu bar,
then on Find in the View menu. Or, click on the Find icon, located second from the
left in the tool bar. (It looks like a flashlight.)

6 Users Guide: Change Control in Preventive Controls Governor 7.2.2.3


Chapter 2: Creating Control Rules Manually

Creating Control Rules


To create a control rule in the Change Control Wizard, first create an empty row in
the upper grid of the form that appears when the Change Element tab is selected. If
you clicked on the New button in the Find form, youve already accomplished this.
Otherwise, use any of the following methods:
If the Change Element grid contains any empty rows, click in the first one.
Click on the New button, which is first on the left in the tool bar.
Click on File in the Oracle EBS menu bar, then New in the File menu.

Selecting a Block of Controllable Fields


In the empty row youve created (in the upper grid under the Change Element tab),
specify a block of fields in an Oracle EBS form. Enter these values:
Form Name: This box accepts form names that are used internally by the system.
Select one containing fields for which you want to create control rules. When
you make a selection in the Form Name box, corresponding entries appear in the
User Form Name and Application Name boxes.
User Form Name: This box accepts display form names (those visible to the user
of an Oracle EBS application). If you selected a Form Name, the User Form Name
appeared here automatically. If you select a User Form Name first, a corresponding
value appears for Form Name, but not Application Name.
Application Name: This box accepts the name of the Oracle EBS application that
uses the form you specified in the previous two boxes. If you began by making a
selection in the Form Name box, the Application Name appeared here automati-
cally. If you began by making a User Form Name selection, type an application
name here. Or, click in the Form Name box, then in any other box in the row to
generate the appropriate value.

Users Guide: Change Control in Preventive Controls Governor 7.2.2.3 7


Chapter 2: Creating Control Rules Manually

Block Name: This box accepts the names of field blocks that appear in the form
you have selected. Choose the block that contains fields for which you want to
create control rules. You must use the Event Tracker (see page 33) before per-
forming this step. Otherwise, no block values appear in the Block Name box.
Note
You can type values into the User Form Name, Application Name, and
Block Name boxes. However, use caution; if you enter an incorrect value,
change control is not properly enabled.
WVR Enabled: You must select the check box if you have chosen a form (in the
Form Name field) associated with a When Validate Record event. Clear the check
box if the form is not. Generally, the Change Control Wizard selects or clears the
box appropriately for the chosen form, and you should accept the default setting.
If a form is associated with a When Validate Record event and the check box is
selected, the control rules take effect when a user attempts to save changes to
any controlled fields on the form.
If the form is not associated with a When Validate Record event and the check
box is cleared, then the fields for which you create Reason Code or Approval
control rules are write-protected. The user can modify each field value in the
Oracle Change Control Request form (see page 23).

Creating Control Rules for Fields in the Selected Block


In the lower grid of the Change Control Wizard, select individual fields and enter
control-rule values for them. In each row of this grid, you can select values for one
of the fields in the block you specified in the upper grid.
1 Ensure that the Change Details tab is selected.

2 Enter these values:


Field Name: Enter the name by which the underlying code calls the field you
want to control. Select from the list (items are available if you have used the
Event Tracker to capture them; see page 33), or type a value.
User Field Name: The Change Control Wizard selects a display field name
(the label visible to the user of an Oracle EBS application) corresponding to
the Field Name you selected in the previous box. You can replace it with
another value. This name appears in the Change Control Request form and
in notifications.

8 Users Guide: Change Control in Preventive Controls Governor 7.2.2.3


Chapter 2: Creating Control Rules Manually

Control Type: Select the level of control you want to apply to the field
Audit, Reason Code, or Approval. For control-type definitions, see page 1.
WorkFlow Role: Select the person or role who reviews changes made to the
field. For the Approval control type, you must enter a WorkFlow Role value;
it designates the person who approves changes. For the Reason Code control
type, you may enter a WorkFlow Role value to designate a person notified of
the change. WorkFlow Role does not apply for the Audit control type.
Reason Type: Select the name for a group of reason codes (see Creating
Reason Codes on page 11). A user who changes the Oracle EBS field can
apply any reason code belonging to the group you select here. You must
select a reason type if you selected the Approval or Reason Code control type;
a Reason Type selection does not apply if you selected the Audit control type.
Enable: To set a change-control rule to be active once it has been generated,
select the Enable check box to the right of its row. Clear the check box (and
respond to a confirmation message) to turn off the rule. Or, select or clear the
All check box (at the upper right of the Change Details panel, in the Enable
column) to enable or disable all rules currently displayed in the panel.
Enable Visual Attributes: Select the check box to cause the controlled field to
appear in yellow on its Oracle EBS form. Clear the check box to allow the
field to remain visually undistinguished from other fields. This option applies
only to fields controlled by Reason Code or Approval rules.
Comments: Explain the business risk addressed by the rule you are creating.
3 Click on the Column Translations tab.

4 Enter these values:


Under User Field Name, the Change Control Wizard supplies the display
name of the field you want to control (its a copy of the value in the User
Field Name box of the Change Details tab). You cannot change this value.
Under Column Name, select the name of the database column that corre-
sponds to the value entered in User Field Name the column that stores
data entered in the field.
If you have not enabled auditing for the column in Audit Rules (see page 2),
an error message appears, and you cannot complete the rule. You must close
the Change Control Wizard, use Audit Rules to enable auditing for the col-
umn, and then return to the Wizard to re-create the rule.

Users Guide: Change Control in Preventive Controls Governor 7.2.2.3 9


Chapter 2: Creating Control Rules Manually

Using the Translations Tab to Select Record Identifiers


In the Translations tab, you associate change-controlled fields with other fields that
identify the individual record to which changes apply. The values you select here are
valid for any fields in the block you selected under the Change Element tab. For
example, if you were to apply change control to a field that provides information
about vendors, you would use the Translations tab to specify a field or fields that
identify a vendor whose record has changed.

Click on the Translations tab and fill in the following values.


Display Prompt: Type a name for the record-identifying field. When a user
changes a controlled field, he may (depending on the control type applied to
the field) complete a Change Control Request form (see page 21). The Display
Prompt value appears as a label in that form. (In the illustration on page 22,
its the label Vendor Name near the top of the Change Control Request form.)
Display Column (Block.Field): Select the name of the field you want to use
for record identification. Use the format BLOCK.FIELD, in which BLOCK is the
name by which underlying code recognizes the form block that contains the
field you want to use, and FIELD is the name by which underlying code calls
the field you want. The block does not have to match the block you specified
under the Change Element tab.
Table Name: Select the name of the database table that corresponds to the
block you specified under the Change Element tab. If you have not used
Audit Rules to include the table in an audit group (see page 2), an error mes-
sage appears, and you cannot complete the procedure. You must close the
Change Control Wizard, use Audit Rules to enable auditing for the column,
and then return the to Wizard to start over.
Primary Keys: Click on the Import Primary Keys button. Under the label
Primary Key Columns, the Change Control Wizard lists primary keys for the
table you selected in the Table Name box. You cannot change these values.

10 Users Guide: Change Control in Preventive Controls Governor 7.2.2.3


Chapter 2: Creating Control Rules Manually

Form Field: For each database column name entered under the Primary Key
Columns label, type the name of the corresponding form field. Once again,
use the format BLOCK.FIELD, in which BLOCK is the name by which underly-
ing code recognizes the form block that contains the field, and FIELD is the
name by which underlying code calls the field you want.

Creating Reason Codes


When a field is assigned the Reason Code or Approval control type, a user who
makes a change to the field must use a Change Control Request form to select a
reason for the change. Each reason is one in a group of codes assigned to the field.
To create both reason codes and the groups to which they belong:
1 Click on Tools in the Oracle EBS menu bar, then on Change Control Reason
Code in the Tools menu. A Change Control Reason Code form appears:

2 Create the reason-code group. Fill in these boxes:


Reason Type: Type a name for the group to which reason codes are to
belong. This value is available for selection in the Reason Type box of the
Change Details grid (page 9).
Description: Type a description for the group of reason codes.
3 Create reason codes that belong to this group of codes. Devote one row of the
Reason Code grid to each code. Fill in these boxes:
Reason Code: Type a unique name for a reason code. This will appear in the
list of values in the Change Control Request form.
Reason Description: Type a description of the code you have created.
Enabled Flag: Select the checkbox to put the reason code into effect. Clear
the checkbox to disable the reason code.
4 Save the reason codes: Select File from the Oracle EBS menu bar, then Save
from the File menu.
5 Close the Reason Code form: Click on the symbol in its upper right corner.
To open an already existing group so that you can modify or add to its reason codes:
1 Open the Reason Code form: Click on Tools in the Oracle EBS menu bar, then
on Change Control Reason Code in the Tools menu.

Users Guide: Change Control in Preventive Controls Governor 7.2.2.3 11


Chapter 2: Creating Control Rules Manually

2 Click on View in the menu bar, then on Query by Example in the View menu,
and then on Enter in the Query submenu. (Or press the F11 key.)
3 The Reason Type and Description boxes in the Reason Code form turn blue. In
these boxes, type enough information to identify uniquely the group you want to
open. Use % as a wild-card to represent characters you do not enter.
4 Click on View in the menu bar, then on Query by Example in the View menu,
and then on Run in the Query submenu. (Or press Ctrl+F11.)

Finishing the Control-Rule Generation


When you complete the foregoing configuration tasks for any number of fields, you
can generate rules that implement your work:
1 Click on the Change Details tab in the bottom grid of the Change Element form.

2 Select the Generate check box for each of the rows for which you want to gen-
erate rules. Or, select the All check box (at the upper right of the Change Details
panel, in the Generate column) to choose all rows displayed in the panel.
3 Click on the Generate Selected Rules button.
4 Click on the Yes button in each of two pop-up messages. (One confirms that
you want to create the selected rules, and the other informs you that all existing
rules will be deleted and then re-created.)
5 Click on Tools in the Oracle menu bar, then on Create Audit Rules Objects in the
Tools menu. Verify that the process has run successfully under View/Requests.
6 Click on the Rules tab to review information about the rules you have generated,
which varies according to control type:

The Rule Name field displays a name for the rule, but is populated only for
the Reason Code and Approval control types.

12 Users Guide: Change Control in Preventive Controls Governor 7.2.2.3


Chapter 2: Creating Control Rules Manually

The Process Name field identifies the workflow process that sends notifica-
tion of a change to a reviewer. Its always populated for an Approval rule, is
populated for a Reason Code rule only if a value for that rule is entered in
the WorkFlow Role field of the Change Details tab, and is never populated
for an Audit rule.
The Audit field displays the name of the audit group that applies to the
controlled field. (The Audit Rules application performs auditing at the
database level. The controlled field corresponds to a database column; the
column exists in a database table; and for changes to columns in a table to be
tracked, the table is placed in an audit group.) This field is populated for all
three control types.

Defining Subscribers for Control Rules


Once a control rule is created, you can create subscribers for it. A subscriber is a
filter that selects users, responsibilities, or other entities to which a rule applies. Thus,
you can enforce change controls selectively for example specifying that the
control defined for a field be implemented for some users, but not for others. (If you
choose not to define subscribers for a rule, the rule applies universally.)
As you create subscribers, you can filter on these entities: responsibility, profile, op-
erating unit, inventory organization, user; the value entered in a field; or a subscriber
list (itself a selection of users, responsibilities, or other entities).
To define a subscriber for a control rule:
1 Select the rule for which you want to define subscribers:
a In the upper grid of the Change Details form, click on the row correspond-
ing to the block that contains the controlled field.
b In the bottom grid, click on the Rules tab and then click on the row corre-
sponding to the field itself.
2 Click on the Subscribers button. The following Subscribers form opens:

3 To begin the definition, complete at least one row in the Subscribers form. Select
a filter type, an operator, and a value. A rule applies whenever a logical statement

Users Guide: Change Control in Preventive Controls Governor 7.2.2.3 13


Chapter 2: Creating Control Rules Manually

defined by those three entities evaluates to true for example when a users re-
sponsibility (filter type) equals (operator) Purchasing Super User (value). How-
ever, the process you follow to complete this step depends on the filter type you
select; see Filter Type Considerations (below).
4 Optionally, complete additional rows in the Subscribers form to create a subscriber
definition that consists of several criteria. If you do, make appropriate selections
in the And/Or and Group fields, and in any case, use additional controls to com-
plete the subscriber definition. See More Subscriber Fields (page 15).

Filter Type Considerations


If you wish to use the Responsibility, Profile, Operating Unit, Inventory Organiza-
tion, User, or Subscriber List filter type, make up to three selections:
1 Select the type you want to use from the Filter Type list of values. (If you select
Profile, select a specific profile in the Filter Name field. For the other types, the
Filter Name field does not accept input).
2 Select an operator from the Operator list of values. Your options are Equal, Not
Equal, Is Null, Is Not Null, Greater Than, and Less Than.
3 If you choose the Equal, Not Equal, Greater Than, or Less Than operator, select
an appropriate value from the Value LOV. (For the Profile type, this is a setting
for the profile you selected in the Filter Name field.)
For example, you might select Responsibility, Equal, and Purchasing Super User to
make a rule apply only to users logged on with the Purchasing Super User responsi-
bility. Or you might select User, Not Equal, and BOrr to have a rule apply to all
users other than BOrr.
If you wish to use the Data filter type, you need to make a different set of selections.
1 Select the Data type from the Filter Type list of values.
2 Choose a block and field in the Filter Name list of values.
3 Select the operator you want from the Operator list of values. If you select Is
Null or Is Not Null, youre finished. If you select Equal, Not Equal, Greater
Than, or Less Than, continue.
4 Choose a data type VarChar, Number, Date, DateTime, or Boolean in the
Data Type list of values. The type should match the type stored in the field you
selected in the Filter Name list of values (step 2).
5 In the Field Type list box, select Static if you are constructing a logical statement
that compares a constant value to values stored in the field you selected in the
Filter Name list of values (step 2). Or select Form Field if you want to compare
these values to other values returned by an Oracle EBS field.
6 Depending on the selection you made in step 5, type a constant value in the
Dependent Value field, or select a field name.
For example, you might select the Data filter type and an Oracle EBS block and field
in the Filter Name list of values. You might also select the Is Null operator, in which

14 Users Guide: Change Control in Preventive Controls Governor 7.2.2.3


Chapter 2: Creating Control Rules Manually

case the rule would apply whenever the field you selected contains no value. Or, you
might select the Equal operator, the Static Field Type, and a constant value as the
Dependent Value; if so, the rule would apply whenever the value in the field is the
specified constant.

More Subscriber Fields


If you complete multiple rows in the Subscribers form, values in the And/Or and
Group fields come into play. (Note, however, that these fields must be completed
even if your subscriber definition consists only of a single row; in that case, you
would typically accept default values.)
Group: Enter a number that reflects the sequence in which a row is to be evalu-
ated with respect to other rows. You can enter the same number in more than
one row. If you do, the rows are grouped together enclosed in parentheses in
a SQL statement that is generated from the values you enter.
And/Or: Select a value that determines whether a row has an AND (both must
be true) or OR (either may be true) relationship with the next row (or group, or
row within a group).
In addition, you may use the following controls:
Allow Reversals: If this check box is not selected when a rule has been enforced,
the rule continues in force even if the next record does not meet the subscriber
criteria.
View Statement: Open a window that displays the SQL statement generated
from the selections you make in the Subscribers form. (To close this window,
click on its Close button.)
Done: Click on this button to close the Subscribers form. Save the subscriber
before closing the form: Click on File in the menu bar and Save in the File menu.

Profiles and Data Subscribers


Within the system administrator responsibility, a System Profile Values form enables
users to configure profiles, each at several levels: site, application, responsibility, user,
server, or organization. Each of these levels constitutes a field (and the value entered
for an individual profile is a field instance), so that an rule to control profile-value
changes at any of these levels affects all profiles at that level.
If you need to control changes to the values of individual profiles (while leaving
others uncontrolled), create an control rule for the appropriate field (for example,
PROFILE_VALUES.SITES_VISIBLE_VALUE for site-level profiles). Then create a sub-
scriber; add a row to the Subscriber form for each individual profile you want to
control. In each row:
For Filter Type, select Data.
For Filter Name, select the name of the field that holds profile names
PROFILE_VALUES.USER_PROFILE_OPTION_NAME.

Users Guide: Change Control in Preventive Controls Governor 7.2.2.3 15


Chapter 2: Creating Control Rules Manually

For the Operator, select Equal.


For the Dependent Value, select the name of the profile you want to control.

16 Users Guide: Change Control in Preventive Controls Governor 7.2.2.3


Chapter 3
Uploading or Migrating Control Rules

A content spreadsheet contains more than 1,500 fully configured change-control


rules. It is located in the content directory on the Governance, Risk, and Compliance
Controls Suite Disk 1 of your Oracle media pack.
Whether you upload rules from a content spreadsheet or create them individually in
the Change Control Wizard, you can migrate them copy them from one Oracle
EBS instance to another.
In either case, you make use of concurrent requests:
1 Log on to the GRC Controls responsibility in the Oracle E-Business Suite.
2 Click on View in the menu bar, then on Requests in the View menu.
3 A Find Requests form opens. Click on its Submit a New Request button. In the
Submit a New Request dialog, click on Single Request and then on the OK button.
4 A Submit Request form opens. In its Name list of values, select the concurrent
request you want.
5 A Parameters form appears. Supply parameter values and click on the OK button.
(Parameters vary by request; some are required and others optional. See the de-
scription of each request for a discussion of its parameters.)
6 In the Submit Request form, click on the Submit button. At the next prompt, note
the request number, and then click on No to return to the Find Requests form.

Users Guide: Change Control in Preventive Controls Governor 7.2.2.3 17


Chapter 3: Uploading or Migrating Control Rules

7 If you choose to view a request log, click on the Specific Requests button. Type
the ID number for your request in the Request ID field, and click on the Find
button. A Requests form opens; click on its View Log button.

Uploading Rules from a Content Spreadsheet


To upload rules from a content spreadsheet, first review and prepare them:
1 Review the spreadsheet. Select the rules that target fields for which you want to
implement controls. Type the letter Y in the Upload column for each of these
rules.
2 Create a flat file containing the rules youve selected: From the Tools menu in
Excel, select the Create CSV for Change Control option. Specify the destination
for the CSV file and select the Save button.
Note
The Create CSV for Change Control option appears in the Excel Tools
menu only if the macro security level for Excel is set to low. To effect this
setting, click on Tools in the Excel menu bar, then on Options in the Tools
menu. In the Options window, click on the Security tab. In the Security
panel, click on the Macro Security button. A Security window opens; in its
Security Level panel, click on the Low radio button. Then close the Security
and Options windows click on the OK button in each.
3 A control total message displays the number of rules written. To verify the com-
pleteness of your upload file, compare this with the number of rows you selected.
Each of the rules you selected applies control to a form field, and each field corre-
sponds to a database column. Each field resides on a form block, and each block
corresponds to a database table. Before you upload rules from the CSV file youve
prepared, you must use Audit Rules to create audit groups that include all database
tables affected by your rules, and to enable auditing for all columns affected by your
rules. If auditing is not set up for a column or table used by even one rule, then all
rules in your CSV file will fail to load.
To upload the file youve prepared:
1 FTP the CSV file to the /usr/tmp directory of the instance in which the rules are
to be used.
2 Run the Data Governor Content Load concurrent request. Supply the following
parameters:
File Name: Type in the name of the CSV file. This parameter is mandatory.
File Location: Type in the path to the CSV file. This parameter is mandatory.
Debug Mode: Select Yes to enable debug functionality for the load, or No to
disable the functionality.
Load Data: Select Yes if the data is to be loaded into the Preventive Controls
Governor rule repository. Select No if this is a data validation run only.

18 Users Guide: Change Control in Preventive Controls Governor 7.2.2.3


Chapter 3: Uploading or Migrating Control Rules

3 Open the Change Control Wizard (page 5). Click on Tools in the menu bar, then
on Create Audit Rules Objects in the Tools menu. A pop-up note informs you of
a concurrent request ID number. Click on the OK button to clear the message.

Migrating Control Rules


The method you use to copy control rules from one instance to another depends
upon whether you have modified them in the source instance:
If you have uploaded rules from a content spreadsheet to a source instance and
have neither changed them nor added rules to them, simply upload the same
rules from the content spreadsheet to the destination instance.
If you have used the Change Control Wizard either to create rules or to modify
rules uploaded from a content spreadsheet, run a concurrent request called Data
Governor Content Export. This request takes the following parameters:
File Location: Type in the path to the export file you are creating. This
parameter is mandatory.
File Name: Type a name for the export file you are creating. This parameter
is mandatory.
Application: Select one Oracle EBS application to export rules associated
with that application, or leave the parameter blank to export rules associated
with all applications.
Form: This parameter is available only if you have made a selection for the
Application parameter. Select a form used by the application to export only
control rules associated with that form, or leave the parameter blank to
export rules associated with all forms.
Block: This parameter is available only if you have made a selection for the
Form parameter. Choose a block that belongs to the selected form to export
only control rules associated with that block, or leave the parameter blank to
export rules associated with all blocks.
Table: This parameter becomes available only if you have made a selection
for the Block parameter. Choose the database table that corresponds to the
selected block, or leave the parameter blank.
Field: This parameter becomes available only if you have made a selection for
the Table parameter. Choose a form field that belongs to the selected block
(and for which data is stored in the selected table) to export only the single
control rule for that field, or leave the parameter blank to export control
rules for all fields on the block.
Control Type: Select one of the three control types to export only rules that
implement that control type, or leave the parameter blank to export all types
of rules.
Enabled Flag: Select Yes to export only those rules for which the Enabled
Flag check box (page 9) is checked; Select No to export only those rules for

Users Guide: Change Control in Preventive Controls Governor 7.2.2.3 19


Chapter 3: Uploading or Migrating Control Rules

which the Enabled Flag check box is cleared; or leave the parameter blank to
export rules configured in both ways.
Then, use the file you create to run the Data Governor Content Load concurrent
request on the destination instance. (Follow the procedure described in Upload-
ing Rules from a Content Spreadsheet, page 18.)

20 Users Guide: Change Control in Preventive Controls Governor 7.2.2.3


Chapter 4
Applying Changes to Controlled Fields

When you enter or modify data in an Oracle EBS field that is subject to change
control, your process depends on the control type assigned to the field.

Audit
If a field is under Audit change control, any change you make is captured and avail-
able for reporting. However, you need not select a reason code or obtain an approval,
so there is no change to your ordinary procedure. Fields under Audit change control
are not distinguished visually from fields that are not subject to change control.

Reason Code or Approval


Depending on your visual-attributes selections (see page 9), a field subject to Reason
Code or Approval change control may appear in bright yellow on its Oracle EBS
form.
Users may change the values of these fields in either of two ways, depending on
whether the fields exist on a form associated with a When Validate Record event, and
therefore whether the WVR Enabled check box in the Change Control Wizard is
selected for each block of the form (see page 8).
If so, the user makes changes to the fields, but controls are imposed when the
user attempts to save the changes. The user would open a Change Control Re-

Users Guide: Change Control in Preventive Controls Governor 7.2.2.3 21


Chapter 4: Applying Changes to Controlled Fields

quest form to offer reasons, and if appropriate to begin the approval process, for
all the changed fields at once.
If not, the controlled fields are write-protected, and a user cannot make changes
to them directly. For each field, the user would instead open the Change Control
Request form and enter the new field value there as well as offer a reason for
the change and, if appropriate, initiate the approval process. In this case, the user
can modify only one field at a time in the Change Control Request form.

Change Control with WVR Enabled


To change the values of controlled fields on a form associated with the When Vali-
date Record event:
1 Enter new values in any number of controlled fields as you ordinarily would.
2 Save the changes: Click on file in the menu bar, and then Save in the File menu.
Or, click on the Save button.
3 The following message appears. Click on the OK button to clear it.

4 Click on Actions in the Oracle EBS menu bar, then on Oracle Change Control
Request in the Actions menu. The following form appears:

The form devotes a row to each of the changes you are making (and, in other
rows, displays information on changes made in prior sessions). In each row that
applies to a new change, most of the fields provide information but do not accept
input. These include User Field Name, Original Value, New Value, Request
Date, Requested By, and Status.
5 In each row that applies to a new change, click in the Reason field to select a
reason from a list of those configured for the field.
6 In the Comments text box, you may add any comments you deem appropriate.
These comments appear on the Change History Report (see page 27). The Com-

22 Users Guide: Change Control in Preventive Controls Governor 7.2.2.3


Chapter 4: Applying Changes to Controlled Fields

ments text box displays information specific to whatever row youve selected in
the grid it presents an already-recorded comment for an old change or, for a
new change, it clears so that a new comment may be entered.
7 Click on the Done button.

Change Control with WVR Disabled


To change the values of controlled fields on a form that is not associated with the
When Validate Record event:
1 Select (click on) a controlled field whose value you want to change. Note that if
you try to enter a value in the field, the status bar near the bottom of the screen
displays the message Field is protected against update.
2 With the field selected, click on Actions in the menu bar, and then on Oracle
Change Control Request in the Actions menu.
If you are attempting to modify a list of values, its Find form opens, present-
ing a selection of entries appropriate for the field. Click on one and on the
OK button. The Change Control Request form then opens and displays your
selection in the New Value field.
If you are attempting to modify a data-entry field, the Change Control Request
form opens immediately, and the New Value field is blank. Type the value
you want in the New Value field.
In either case, some fields provide information but do not accept input. These in-
clude User Field Name, Original Value, Request Date, Requested By, and Status.
3 Click in the Reason field to select a reason from a list of those configured for the
field.
4 In the Comments text box, you may add any comment you deem appropriate.
5 Click on the Done button.
6 Repeat this process for each controlled field you want to change. When you fin-
ish making changes, save your work: Click on file in the menu bar, and then Save
in the File menu. Or, click on the Save button, located fourth from the left in the
tool bar (it looks like a disk).

Completing the Approval Process


If you are working with a field assigned the Reason Code control type, the process of
changing the field value is complete. (You can still undo such a change: reopen the
Change Request form, select the row that represents the change, and click on the
Reject button.)
If, however, the field was assigned the Approval control type, the status of the change
remains pending (as shown in the Status column of the Change Control Request
form), and you cannot make further changes to the field until the pending change is
approved or rejected. An approval decision involves the following additional steps:

Users Guide: Change Control in Preventive Controls Governor 7.2.2.3 23


Chapter 4: Applying Changes to Controlled Fields

1 When you close the Change Control Request form, the following message appears,
informing you that the approval workflow process has begun. Click the OK but-
ton to clear it.

2 The individual (or workflow role) assigned to approve the change receives a noti-
fication that the change is pending.

3 The user clicks on the notification to open it. He reviews the information and
optionally adds a comment:

4 The user also clicks one of the following buttons:


Approve: A notification of the approval is sent to the original requester, who
must acknowledge the acceptance.
Reject: The change cannot be made.
Reassign: The decision to approve or reject is reassigned to another user.
In the case of approval, the field-value change is not made until the original requester
acknowledges the approval. This user opens the form on which the field appears,
selects the field, and receives a dialog box offering the option to update the field. If
the requester clicks on the Yes button, the field is updated. If the user selects the No
button, the change is postponed, but not cancelled. Eventually the requester must
select the Yes button because the change has been approved.

24 Users Guide: Change Control in Preventive Controls Governor 7.2.2.3


Chapter 5
Reports

Reports offer information about control-rule configuration, the changes made to the
fields those rules control, and the resolution of changes that require approval. Open
reports in the Oracle Governance, Risk, and Compliance Controls Suite:
1 Open your web browser. In its Address field, type the URL for your Govern-
ance, Risk, and Compliance Controls Suite instance. Press the Enter key.
2 A Sign In dialog box appears. Type your user name and password in the appro-
priate fields, and click on the Sign In button.
3 The GRC Controls Suite opens. Click on its Reporting tab.

Users Guide: Change Control in Preventive Controls Governor 7.2.2.3 25


Chapter 5: Reports

4 A Folders area to the left of the Reports panel presents a hierarchical display of
available reports and the folders that contain them. In it, click on Public Folders,
then Report Center, and then Change Control.
5 In the larger panel on the right, click on the link for the report you want. You
will be prompted to enter parameter values. Because parameters vary by report,
appropriate values for them are discussed in the report descriptions that follow.
Note
An AGSuper User, or a user assigned the Manager reporting role, can view
all three of these reports. A user assigned the Auditor reporting role can
view all but the Approver Performance Report. Users assigned other report-
ing roles cannot view any of these reports. Reporting roles are assigned to
users in the GRC Controls Suite.

Exporting a Report
When you generate a report, it appears in the larger panel on the right of the Reports
browser. For ease of viewing, however, you may want to export it to another format,
such as Adobe Acrobat. To do so:
1 Click on the Export icon in the Reports browser. (It looks like two juxtaposed
rectangles, representing a disc and a sheet of paper. It appears only when a report
has been generated, and is located at the upper left corner of the larger panel in
the Reports browser.)
2 An Export Report dialog appears. In it, select a destination program in the File
Format field (for example, Adobe Acrobat). Then click on the OK button.
3 A dialog presents you with options appropriate to the program to which youve
elected to export the file for example, save or open in Adobe Acrobat. If you
select the open option, the report opens in a new window. If you select the save
option, you can specify a file path and name to which to save it.

Other Report Features


Reports are presented through use of a third-party component, which offers
features in addition to the presentation or exporting of reports. For documentation
of these features, open the Help file available from the Reports browser. You can do
this by clicking on a Help icon, which looks like a question mark enclosed in a circle,
and is located at the very right of the tool bar, just above the upper right corner of
the larger panel in the Reports browser.

The Data Source Parameter


One report parameter called Oracle ERP Agent Source Data is used by every
change-control report. Select the instance about which you want to generate reports.
For a given instance, the parameter prompt lists two data sources; one holds Oracle

26 Users Guide: Change Control in Preventive Controls Governor 7.2.2.3


Chapter 5: Reports

EBS data and the other holds Preventive Controls Governance data. Choose the
latter. If your site accepted default names, its name contains the value XXLAAPPS. If
not, consult your database administrator to distinguish the two data sources. You
supply this value twice for each report, first to generate a list of parameters and then,
within that list, to generate the report itself.

Approver Performance Report


The Approver Performance Report provides statistics about the numbers of field-
value change requests that have been approved, rejected, and left pending by
individual approvers, as well as the amount of time that requests have spent in the
system. As you generate the report, you can select the following parameters:
Application Name: Select any number of, or all, application names for the report
to list changes to fields accessible from the applications you choose.
Approved By: Select any number of, or all, workflow roles, and the report lists
controlled fields subject to those approvers judgment. You can select only
approvers named in rules that apply to the fields accessible from the application
you chose in the previous parameter.
Date Range: Select beginning and ending dates to view approval statistics for
changes within the range you specify. You may enter dates in the Start and End
fields; in that case, clear the No Lower Value and No Upper Value check boxes.
Or you may omit the start date and select the No Lower Value check box to start
with the earliest existing approval decision, or omit the end date and select the
No Upper Value check box to finish with the latest existing approval decision.
If you do enter actual dates, select an Include This Value check box (for either or
both dates) to include the value you specify in the period, or clear the check box
to exclude the value (thus selecting approval decisions that begin after but not on
the start date, or end before but not on the end date). You can click on the
calendar icons to select dates.
Include Graph: The report can display data not only textually, but also graphi-
cally. Select Y to include, or N to exclude, graphs in a report.

Change History Report


The Change History Report displays the old and new values for changes made to
fields that are subject to change control. For each change, it also shows the user who
made the change and, if applicable, the user who approved it; the dates of the change
and the approval; the control type and, if applicable, reason code of the change-
control rule; the change status; and any comments. As you generate the report, you
can select the following parameters:
Record Identifier: Select any number of record identifiers (see page 10) to see
changes associated with the identified records. You can select only identifiers
appropriate to the fields you selected in the previous parameter.

Users Guide: Change Control in Preventive Controls Governor 7.2.2.3 27


Chapter 5: Reports

Application: Select any number of, or all, application names for the report to list
changes to fields accessible from the applications you choose.
User Form Name: Select any number of, or all, form names to have the report
list changes to fields that appear in the forms you choose. You can select only
forms available in the applications you selected in the previous parameter.
User Field Name: Select any number of, or all, field names to have the report list
changes to the fields you choose. You can select only fields available in the forms
you selected in the previous parameter.
Control Type: Select any combination of Audit, Reason Code, and Approval to
view changes to fields that are subject to rules of the control types you select. Or,
select All to list fields subject to rules of any control type.
Request Date: In the Start of Range and End of Range fields, select beginning
and ending dates to view changes within the range you specify. You may enter
dates in the Start and End fields; in that case, clear the No Lower Value and No
Upper Value check boxes. Or you may omit the start date and select the No
Lower Value check box to start with the earliest existing field-value change, or
omit the end date and select the No Upper Value check box to finish with the
latest existing field-value change.
If you do enter actual dates, select an Include This Value check box (for either or
both dates) to include the value you specify in the period, or clear the check box
to exclude the value (thus selecting field-value changes that begin after but not on
the start date, or end before but not on the end date). You can click on the calen-
dar icons to select dates.
Notification to/Approved By: Select one or more user names to view changes
for which those users are the approvers (for fields subject to Approval rules) or
the recipients of notifications (for fields subject to Reason Code rules). Or select
All to view changes for which anyone (or no one) may be an approver or
notification recipient.
Requested By: Select one or more user names to view changes made by those
users, or select All to view changes made be all users.

Control Listing Report


The Control Listing Report displays data about Oracle form fields for which change-
control rules have been written. It contains an entry for each controlled field from a
specified set of forms, organizing the entries by form. Each entry identifies the name
of a field, the control type and status of the change-control rule, and (if applicable)
the workflow role designated to review changes to the field. As you generate the
report, you can select the following parameters:
Application Name: Select any number of, or all, application names for the report
to list controlled fields that apply to the applications you choose.
User Form Name: Select any number of, or all, form names to have the report
list controlled fields that appear in those forms.

28 Users Guide: Change Control in Preventive Controls Governor 7.2.2.3


Chapter 5: Reports

Workflow Role: Select any number of workflow roles to have the report list
fields subject to Approval or Reason Code rules that name the selected workflow
roles as reviewers.
Control Type: Select any combination of Audit, Reason Code, and Approval to
focus the report on fields that are subject to rules of the control type you select.
Or, select All to list fields subject to rules of any control type.
Control Status: Select Active or Inactive to have the report list fields whose con-
trols are either enabled or disabled, or select All to have the report list both types.
Print Comments: Select Y to have the report include, for each field it lists, the
comment configured for the control rule to which the field is subject. Or, select
N to exclude comments.
Include Graph: The report can display data not only textually, but also graphi-
cally. Select Y to include, or N to exclude, graphs in a report.
Report Output: Select Print to produce report output in a document format, or
Export to produces report output in a tabular format.

Users Guide: Change Control in Preventive Controls Governor 7.2.2.3 29


Chapter 5: Reports

30 Users Guide: Change Control in Preventive Controls Governor 7.2.2.3


Appendix A
Creating Workflow Roles

You must assign workflow role to each Approval control rule you configure, and you
may assign one to each Reason Code rule; the role specifies one or more people who
may, depending on the control type, by notified of a field-value change or be
required to approve or reject it.
To create a workflow role, log on to Flow Rules:
1 Log on to Oracle E-Business Suite.
2 Select GRC Controls in your list of responsibilities. (Ensure first that this
responsibility is available to you.)
3 Under the Oracle Embedded Agent heading, click on the Flow Rules link.
4 An Oracle Rules form appears. It provides access to all three of the embedded
agents; make sure that the Flow Rules tab is selected.
For the purposes of creating change-control rules, your only interest in the Flow
Rules agent is to create workflow roles. To do so, you use one option available from
the menu bar; you can ignore the Flow Rules form.
To create a workflow role:
1 Click on Flow Rules in the menu bar, and then on Define Roles in the Flow
Rules menu. An Approval Roles form opens (as shown at the top of the next
page).

Users Guide: Change Control in Preventive Controls Governor 7.2.2.3 31


Appendix A: Creating Workflow Roles

2 In the Role field, type a unique name for the role.


3 In the Description field, type a brief explanation for the purpose of the role.
4 In the Display Name field, create an easily recognizable name for the role. This is
the name you will be able to select in the Change Control Wizard.
5 In the Status list box, select Active to place the role into use or Inactive to
remove it from use. Note that once you inactivate a role, you cannot reactivate it.
6 In the Notification list of values, select the format in which members of the role
will receive notifications.
7 In the Expiration Date field, enter a date on which the role expires, or leave the
field blank to allow the role to exist indefinitely. Select a date in the pop-up cal-
endar that appears when you click on the list-of-values icon. Or type a date in the
format configured for your instance of Oracle EBS.
8 In the User list, select users, responsibilities, or other roles to be included in this
role.
When you finish configuring a workflow role, save it: click on File in the menu bar
and Save in the File menu. When you finish working in the Approval Roles form,
click the Done button to close it.

32 Users Guide: Change Control in Preventive Controls Governor 7.2.2.3


Appendix B
Using the Event Tracker

The Event Tracker, a feature available in Form Rules, gathers information about
forms, blocks, and fields in Oracle EBS. Once the Event Tracker has been run in
forms containing fields you want to control, the Change Control Wizard can present
appropriate information for selection as you create control rules.
To use the Event Tracker, create a rule in Form Rules. A typical Form rule consists
of elements, each of which targets a form, block, or field and specifies an event
that triggers processing. Each element then defines customizations to the target
form, block, or field. In this case, however, the rule exists only to enable you to run
the Event Tracker, which is one of the events an element can specify. So the rule will
consist of one element for each Oracle EBS form that contains fields you want to
place under change control, but it wont define any customizations.
To run the Event Tracker:
1 Log on to Oracle E-Business Suite.
2 Select GRC Controls in your list of responsibilities. (Ensure first that this
responsibility is available to you.)
3 Under the Oracle Embedded Agent heading, click on the Form Rules link.
4 An Oracle Rules form appears (as shown at the top of the next page). It provides
access to all three of the embedded agents; make sure that the Form Rules tab is
selected:

Users Guide: Change Control in Preventive Controls Governor 7.2.2.3 33


Appendix B: Using the Event Tracker

5 Type a name for the rule in the Rule Name field.


6 In the Description field, briefly explain the purpose of the rule.
7 Ensure that the Active check box is selected.
Once the rule itself is named and described, you can create rule elements, one per
row in the Rule Elements grid:
1 In the Seq field, type a number.
2 In the Element Name field, type a name for the element.
3 Specify the form that is the target of the element. Do either of the following:
In the Form Name field, select the internal name for the form. Form Rules
then supplies a corresponding value in the User Form Name field.
In the User Form Name field, select the display name for the form. Form
Rules then supplies a corresponding value in the Form Name field.
4 In the Event list of values, select the value Event Tracker.
5 Ensure that the Active check box is selected.
6 Repeat steps 15 for all forms containing fields for which you expect create
change-control rules in the Change Control Wizard.
7 Save the rule: click on File in the menu bar, then on Save in the file menu.
8 Refresh a cache of rule-evaluation data. One way is to close Form Rules. An-
other is to click on Tools in the menu bar, and then Oracle Rules Configurations
in the Tools menu. An Oracle Rules Configurations window opens; in it, click on
the Refresh Cache button.
Once the elements are configured, the rule is saved, and the cache is refreshed, open
each Oracle EBS application containing forms you chose. Navigate to each form
and, in it, navigate to each field you want to control. Create or update a record and
save your work. By doing so, you capture a reference to each item you touch, and
these items become available in the Change Control Wizard.

34 Users Guide: Change Control in Preventive Controls Governor 7.2.2.3

You might also like